NIS+ through NAT firewall
Bob Edwards
Robert.Edwards at anu.edu.au
Tue Jan 14 10:04:03 EST 2003

I knew I should have kept better documentation when we tried this experiment
several years ago on one of our systems. We ended up using LDAP, which works
fine through a NAT firewall.

From memory, we had to give the NAT firewall machine a pseudo credential on
the NIS+ server, and then use this same credential for all the clients sitting
behind the NAT firewall - i.e. they all had the same credential, which may not
be an optimal situation for you.

As for the sequence of NIS+ packets between the client and server, why don't
you fire up tcpdump on the client and just watch them directly? Basically, all
NIS+ traffic is occurring over TCP connections and always starts from the
client, so if your NAT firewall allows any TCP connection through that is
originated from the inside (a usual scenario), then it should work, if you get
the credential correct.

Cheers,
Bob Edwards.

Ravi Kiran wrote:
> hello Gurus,
>
> Has anybody successfully implemented NIS+ across NAT
> firewall?? I have a setup where clients (redhat linux 7.3) are behind a
> NAT linux firewall (uses iptables) and the server is on the other side of
> the firewall (solaris server). When I type niscat passwd.org_dir I get a
> NIS+ server unreachable.
>
> Can anybody tell me clearly what transactions happen from start and
> on what ports in an order so that I can figure out what ports and
> protocols I have to allow through the NAT firewall.
>
> Thanking you guys in anticipation,
>
> ravi
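
Added example, not part of the original thread: one way to check a client-side capture against the reply's description (TCP only, every connection opened from the client side). It assumes the text format printed by `tcpdump -n`; the sample capture, addresses, ports and function names are constructed for illustration, and the sample deliberately includes an inbound SYN and a UDP packet so the check has something to flag.

```python
import ipaddress
import re

# Constructed capture in `tcpdump -n` text format. 111 is the portmapper
# port; every other address and port here is made up for the example.
SAMPLE = """\
10:04:03.100001 IP 192.168.1.10.1021 > 203.0.113.5.111: Flags [S], seq 1000, win 5840, length 0
10:04:03.100900 IP 203.0.113.5.111 > 192.168.1.10.1021: Flags [S.], seq 2000, ack 1001, win 5792, length 0
10:04:03.101000 IP 192.168.1.10.1021 > 203.0.113.5.111: Flags [.], ack 1, win 5840, length 0
10:04:03.250000 IP 192.168.1.10.1022 > 203.0.113.5.32779: Flags [S], seq 3000, win 5840, length 0
10:04:04.000000 IP 203.0.113.5.40000 > 192.168.1.10.800: Flags [S], seq 4000, win 5840, length 0
10:04:04.500000 IP 192.168.1.10.900 > 203.0.113.5.111: UDP, length 56
"""

# src_ip.src_port > dst_ip.dst_port: rest-of-line
LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+): (.*)")


def audit(capture, inside_net, server):
    """Sort traffic involving `server` by who opened each TCP connection."""
    inside = ipaddress.ip_network(inside_net)
    server_ip = ipaddress.ip_address(server)
    report = {"outbound_tcp": [], "inbound_tcp": [], "non_tcp": []}
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, _sport, dst, dport, rest = m.groups()
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if server_ip not in (src_ip, dst_ip):
            continue  # not traffic to or from the NIS+ server
        flags = re.match(r"Flags \[([^\]]+)\]", rest)
        if flags is None:
            report["non_tcp"].append((src, dst, int(dport)))
        elif "S" in flags.group(1) and "." not in flags.group(1):
            # SYN without ACK: this packet opens a new connection.
            side = "outbound_tcp" if src_ip in inside else "inbound_tcp"
            report[side].append((src, dst, int(dport)))
    return report


def matches_description(report):
    """True when the capture is TCP only and every SYN came from inside."""
    return not report["inbound_tcp"] and not report["non_tcp"]


if __name__ == "__main__":
    result = audit(SAMPLE, "192.168.1.0/24", "203.0.113.5")
    for kind, items in result.items():
        print(kind, items)
    print("matches description:", matches_description(result))
```

Anything reported under `inbound_tcp` or `non_tcp` is traffic that a rule allowing only inside-originated TCP connections would not cover.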